RuoYi
2022-08-21 a36dc6635f92b1a6a5ea43c801f028dea08a7f0b
优化多角色数据权限匹配规则
已修改15个文件
已添加1个文件
203 ■■■■ 文件已修改
src/main/java/com/ruoyi/common/constant/UserConstants.java 5 ●●●●●
src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java 11 ●●●●
src/main/java/com/ruoyi/framework/aspectj/lang/annotation/DataScope.java 5 ●●●●●
src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java 21 ●●●●●
src/main/java/com/ruoyi/framework/security/service/PermissionService.java 2 ●●●●●
src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java 18 ●●●●●
src/main/java/com/ruoyi/project/system/controller/SysDeptController.java 23 ●●●●●
src/main/java/com/ruoyi/project/system/controller/SysRoleController.java 20 ●●●●●
src/main/java/com/ruoyi/project/system/controller/SysUserController.java 17 ●●●●●
src/main/java/com/ruoyi/project/system/domain/SysRole.java 16 ●●●●●
src/main/java/com/ruoyi/project/system/mapper/SysMenuMapper.java 8 ●●●●●
src/main/java/com/ruoyi/project/system/service/ISysDeptService.java 8 ●●●●●
src/main/java/com/ruoyi/project/system/service/ISysMenuService.java 8 ●●●●●
src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java 13 ●●●●●
src/main/java/com/ruoyi/project/system/service/impl/SysMenuServiceImpl.java 21 ●●●●●
src/main/resources/mybatis/system/SysMenuMapper.xml 7 ●●●●●
src/main/java/com/ruoyi/common/constant/UserConstants.java
@@ -12,6 +12,11 @@
     */
    public static final String SYS_USER = "SYS_USER";
    /**
     * ss标记的权限字符
     */
    public static final String SS_PERMISSION = "SS_PERMISSION";
    /** æ­£å¸¸çŠ¶æ€ */
    public static final String NORMAL = "0";
src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
@@ -10,6 +10,7 @@
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.aspectj.lang.annotation.DataScope;
import com.ruoyi.framework.security.LoginUser;
import com.ruoyi.framework.security.context.PermissionContextHolder;
import com.ruoyi.framework.web.domain.BaseEntity;
import com.ruoyi.project.system.domain.SysRole;
import com.ruoyi.project.system.domain.SysUser;
@@ -70,8 +71,9 @@
            // å¦‚果是超级管理员,则不过滤数据
            if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin())
            {
                String permission = StringUtils.defaultIfEmpty(controllerDataScope.permission(), PermissionContextHolder.getContext());
                dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
                        controllerDataScope.userAlias());
                        controllerDataScope.userAlias(), permission);
            }
        }
    }
@@ -83,8 +85,9 @@
     * @param user ç”¨æˆ·
     * @param deptAlias éƒ¨é—¨åˆ«å
     * @param userAlias ç”¨æˆ·åˆ«å
     * @param permission æƒé™å­—符
     */
    public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias)
    public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, String permission)
    {
        StringBuilder sqlString = new StringBuilder();
        List<String> conditions = new ArrayList<String>();
@@ -96,6 +99,10 @@
            {
                continue;
            }
            if (StringUtils.isNotEmpty(permission) && StringUtils.isNotEmpty(role.getPermissions()) && !role.getPermissions().contains(permission))
            {
                continue;
            }
            if (DATA_SCOPE_ALL.equals(dataScope))
            {
                sqlString = new StringBuilder();
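Review bot: The new role filter in the last hunk (`!role.getPermissions().contains(permission)` followed by `continue`) can skip every role of the user, and nothing visible here says what the query receives in that case. The rest of dataScopeFilter, including the code that turns `sqlString` into the SQL condition, lies outside the hunks; if that code only appends a clause when `sqlString` is non-empty, a user whose roles all miss the permission string would run the query with no data-scope restriction at all. I would make that case fail closed: when no role contributed a condition, add a predicate that matches no rows instead of leaving the filter off. The check also lets a role with a null or empty permission set through for every permission, so a role without menu permissions but with a wide data scope still widens every query; if that is intended for single-role users, a comment such as `// roles without a permission set are not filtered by permission (single-role users)` should say so.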
src/main/java/com/ruoyi/framework/aspectj/lang/annotation/DataScope.java
@@ -25,4 +25,9 @@
     * ç”¨æˆ·è¡¨çš„别名
     */
    public String userAlias() default "";
    /**
     * æƒé™å­—符(如不填默认会自动根据注解获取)
     */
    public String permission() default "";
}
src/main/java/com/ruoyi/framework/security/context/PermissionContextHolder.java
@@ -0,0 +1,21 @@
package com.ruoyi.framework.security.context;
/**
 * æƒé™ä¿¡æ¯
 *
 * @author ruoyi
 */
public class PermissionContextHolder
{
    private static final ThreadLocal<String> contextHolder = new ThreadLocal<>();
    public static void setContext(String permission)
    {
        contextHolder.set(permission);
    }
    public static String getContext()
    {
        return contextHolder.get();
    }
}
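Review bot: The ThreadLocal in PermissionContextHolder is set but never removed, so on a pooled request thread the permission string written by one request is still present when the thread serves the next one. DataScopeAspect in this commit falls back to `PermissionContextHolder.getContext()` when the annotation names no permission, so a request that reaches a `@DataScope` method without first passing the permission check that sets the context would be filtered against another request's permission string. Add `public static void clearContext() { contextHolder.remove(); }` and call it when request handling finishes (a filter or interceptor `finally`), or keep the value in request scope instead of a thread-local. The class also carries no comment on who writes and who reads the value; one line naming PermissionService as the writer and DataScopeAspect as the reader would help.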
src/main/java/com/ruoyi/framework/security/service/PermissionService.java
@@ -6,6 +6,7 @@
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.security.LoginUser;
import com.ruoyi.framework.security.context.PermissionContextHolder;
import com.ruoyi.project.system.domain.SysRole;
/**
@@ -43,6 +44,7 @@
        {
            return false;
        }
        PermissionContextHolder.setContext(permission);
        return hasPermissions(loginUser.getPermissions(), permission);
    }
src/main/java/com/ruoyi/framework/security/service/SysPermissionService.java
@@ -1,9 +1,11 @@
package com.ruoyi.framework.security.service;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.project.system.domain.SysRole;
import com.ruoyi.project.system.domain.SysUser;
import com.ruoyi.project.system.service.ISysMenuService;
import com.ruoyi.project.system.service.ISysRoleService;
@@ -59,7 +61,21 @@
        }
        else
        {
            perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId()));
            List<SysRole> roles = user.getRoles();
            if (!roles.isEmpty() && roles.size() > 1)
            {
                // å¤šè§’色设置permissions属性,以便数据权限匹配权限
                for (SysRole role : roles)
                {
                    Set<String> rolePerms = menuService.selectMenuPermsByRoleId(role.getRoleId());
                    role.setPermissions(rolePerms);
                    perms.addAll(rolePerms);
                }
            }
            else
            {
                perms.addAll(menuService.selectMenuPermsByUserId(user.getUserId()));
            }
        }
        return perms;
    }
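Review bot: For users with more than one role the permission set is now built from `selectMenuPermsByRoleId`, and that query (SysMenuMapper.xml in this commit) filters only on `m.status = '0'`, while the per-user query it replaces also requires `r.status = '0'`. Unless `user.getRoles()` already excludes disabled roles, which is not visible here, a disabled role keeps granting its menu permissions to multi-role users, and the same set then drives the data-scope match. Either skip roles that are not enabled before the lookup in this loop, or join the role table in the new query as the per-user query does and add `and r.status = '0'`. `!roles.isEmpty() && roles.size() > 1` is redundant (`roles.size() > 1` alone says the same), and `roles` is dereferenced without a null check. The enclosing method starts outside the hunk.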
src/main/java/com/ruoyi/project/system/controller/SysDeptController.java
@@ -79,29 +79,6 @@
    }
    /**
     * èŽ·å–éƒ¨é—¨ä¸‹æ‹‰æ ‘åˆ—è¡¨
     */
    @GetMapping("/treeselect")
    public AjaxResult treeselect(SysDept dept)
    {
        List<SysDept> depts = deptService.selectDeptList(dept);
        return AjaxResult.success(deptService.buildDeptTreeSelect(depts));
    }
    /**
     * åŠ è½½å¯¹åº”è§’è‰²éƒ¨é—¨åˆ—è¡¨æ ‘
     */
    @GetMapping(value = "/roleDeptTreeselect/{roleId}")
    public AjaxResult roleDeptTreeselect(@PathVariable("roleId") Long roleId)
    {
        List<SysDept> depts = deptService.selectDeptList(new SysDept());
        AjaxResult ajax = AjaxResult.success();
        ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
        ajax.put("depts", deptService.buildDeptTreeSelect(depts));
        return ajax;
    }
    /**
     * æ–°å¢žéƒ¨é—¨
     */
    @PreAuthorize("@ss.hasPermi('system:dept:add')")
src/main/java/com/ruoyi/project/system/controller/SysRoleController.java
@@ -24,9 +24,11 @@
import com.ruoyi.framework.web.controller.BaseController;
import com.ruoyi.framework.web.domain.AjaxResult;
import com.ruoyi.framework.web.page.TableDataInfo;
import com.ruoyi.project.system.domain.SysDept;
import com.ruoyi.project.system.domain.SysRole;
import com.ruoyi.project.system.domain.SysUser;
import com.ruoyi.project.system.domain.SysUserRole;
import com.ruoyi.project.system.service.ISysDeptService;
import com.ruoyi.project.system.service.ISysRoleService;
import com.ruoyi.project.system.service.ISysUserService;
@@ -50,6 +52,9 @@
    
    @Autowired
    private ISysUserService userService;
    @Autowired
    private ISysDeptService deptService;
    @PreAuthorize("@ss.hasPermi('system:role:list')")
    @GetMapping("/list")
@@ -242,4 +247,17 @@
        roleService.checkRoleDataScope(roleId);
        return toAjax(roleService.insertAuthUsers(roleId, userIds));
    }
}
    /**
     * èŽ·å–å¯¹åº”è§’è‰²éƒ¨é—¨æ ‘åˆ—è¡¨
     */
    @PreAuthorize("@ss.hasPermi('system:role:list')")
    @GetMapping(value = "/deptTree/{roleId}")
    public AjaxResult deptTree(@PathVariable("roleId") Long roleId)
    {
        AjaxResult ajax = AjaxResult.success();
        ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
        ajax.put("depts", deptService.selectDeptTreeList(new SysDept()));
        return ajax;
    }
}
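Review bot: The new `deptTree` endpoint returns `deptService.selectDeptListByRoleId(roleId)` for whatever `roleId` the caller supplies, without the `roleService.checkRoleDataScope(roleId)` call that the method just above it makes before acting on a role. A user who holds `system:role:list` could therefore read the department assignment of roles outside their own data scope. I would add `roleService.checkRoleDataScope(roleId);` as the first statement of `deptTree`, assuming that helper rejects roles the caller may not see, as its use above suggests.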
src/main/java/com/ruoyi/project/system/controller/SysUserController.java
@@ -25,8 +25,10 @@
import com.ruoyi.framework.web.controller.BaseController;
import com.ruoyi.framework.web.domain.AjaxResult;
import com.ruoyi.framework.web.page.TableDataInfo;
import com.ruoyi.project.system.domain.SysDept;
import com.ruoyi.project.system.domain.SysRole;
import com.ruoyi.project.system.domain.SysUser;
import com.ruoyi.project.system.service.ISysDeptService;
import com.ruoyi.project.system.service.ISysPostService;
import com.ruoyi.project.system.service.ISysRoleService;
import com.ruoyi.project.system.service.ISysUserService;
@@ -45,6 +47,9 @@
    @Autowired
    private ISysRoleService roleService;
    @Autowired
    private ISysDeptService deptService;
    @Autowired
    private ISysPostService postService;
@@ -234,4 +239,14 @@
        userService.insertUserAuth(userId, roleIds);
        return success();
    }
}
    /**
     * èŽ·å–éƒ¨é—¨æ ‘åˆ—è¡¨
     */
    @PreAuthorize("@ss.hasPermi('system:user:list')")
    @GetMapping("/deptTree")
    public AjaxResult deptTree(SysDept dept)
    {
        return AjaxResult.success(deptService.selectDeptTreeList(dept));
    }
}
src/main/java/com/ruoyi/project/system/domain/SysRole.java
@@ -1,5 +1,6 @@
package com.ruoyi.project.system.domain;
import java.util.Set;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Size;
import org.apache.commons.lang3.builder.ToStringBuilder;
@@ -58,6 +59,9 @@
    /** éƒ¨é—¨ç»„(数据权限) */
    private Long[] deptIds;
    /** è§’色菜单权限 */
    private Set<String> permissions;
    public SysRole()
    {
@@ -203,7 +207,17 @@
    {
        this.deptIds = deptIds;
    }
    public Set<String> getPermissions()
    {
        return permissions;
    }
    public void setPermissions(Set<String> permissions)
    {
        this.permissions = permissions;
    }
    @Override
    public String toString() {
        return new ToStringBuilder(this,ToStringStyle.MULTI_LINE_STYLE)
src/main/java/com/ruoyi/project/system/mapper/SysMenuMapper.java
@@ -43,6 +43,14 @@
    public List<String> selectMenuPermsByUserId(Long userId);
    /**
     * æ ¹æ®è§’色ID查询权限
     *
     * @param roleId è§’色ID
     * @return æƒé™åˆ—表
     */
    public List<String> selectMenuPermsByRoleId(Long roleId);
    /**
     * æ ¹æ®ç”¨æˆ·ID查询菜单
     * 
     * @return èœå•列表
src/main/java/com/ruoyi/project/system/service/ISysDeptService.java
@@ -20,6 +20,14 @@
    public List<SysDept> selectDeptList(SysDept dept);
    /**
     * æŸ¥è¯¢éƒ¨é—¨æ ‘结构信息
     *
     * @param dept éƒ¨é—¨ä¿¡æ¯
     * @return éƒ¨é—¨æ ‘信息集合
     */
    public List<TreeSelect> selectDeptTreeList(SysDept dept);
    /**
     * æž„建前端所需要树结构
     * 
     * @param depts éƒ¨é—¨åˆ—表
src/main/java/com/ruoyi/project/system/service/ISysMenuService.java
@@ -37,6 +37,14 @@
     * @return æƒé™åˆ—表
     */
    public Set<String> selectMenuPermsByUserId(Long userId);
    /**
     * æ ¹æ®è§’色ID查询权限
     *
     * @param roleId è§’色ID
     * @return æƒé™åˆ—表
     */
    public Set<String> selectMenuPermsByRoleId(Long roleId);
    /**
     * æ ¹æ®ç”¨æˆ·ID查询菜单树信息
src/main/java/com/ruoyi/project/system/service/impl/SysDeptServiceImpl.java
@@ -47,6 +47,19 @@
    {
        return deptMapper.selectDeptList(dept);
    }
    /**
     * æŸ¥è¯¢éƒ¨é—¨æ ‘结构信息
     *
     * @param dept éƒ¨é—¨ä¿¡æ¯
     * @return éƒ¨é—¨æ ‘信息集合
     */
    @Override
    public List<TreeSelect> selectDeptTreeList(SysDept dept)
    {
        List<SysDept> depts = SpringUtils.getAopProxy(this).selectDeptList(dept);
        return buildDeptTreeSelect(depts);
    }
    /**
     * æž„建前端所需要树结构
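Review bot: `selectDeptTreeList` goes through `SpringUtils.getAopProxy(this)` without saying why, and a later cleanup could easily reduce it to a plain `selectDeptList(dept)` call. If `selectDeptList` carries the `@DataScope` annotation (its declaration is outside the hunk), a direct self-call would not pass through the aspect and the tree would be built from unfiltered departments. I would add a comment above the call: `// call through the AOP proxy so the @DataScope advice on selectDeptList is applied; a direct this-call would skip it`.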
src/main/java/com/ruoyi/project/system/service/impl/SysMenuServiceImpl.java
@@ -101,6 +101,27 @@
    }
    /**
     * æ ¹æ®è§’色ID查询权限
     *
     * @param roleId è§’色ID
     * @return æƒé™åˆ—表
     */
    @Override
    public Set<String> selectMenuPermsByRoleId(Long roleId)
    {
        List<String> perms = menuMapper.selectMenuPermsByRoleId(roleId);
        Set<String> permsSet = new HashSet<>();
        for (String perm : perms)
        {
            if (StringUtils.isNotEmpty(perm))
            {
                permsSet.addAll(Arrays.asList(perm.trim().split(",")));
            }
        }
        return permsSet;
    }
    /**
     * æ ¹æ®ç”¨æˆ·ID查询菜单
     * 
     * @param userId ç”¨æˆ·åç§°
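Review bot: In `selectMenuPermsByRoleId`, `perm.trim().split(",")` trims only the whole column value, so an entry stored as `a:b:c, d:e:f` yields the token ` d:e:f` with a leading space, and `a,,b` yields an empty token. DataScopeAspect in this commit matches these tokens with an exact `contains(permission)`, so a role stored that way would be skipped for the affected permission. Trimming each token and dropping blanks keeps the set consistent with what the check compares against, e.g. `for (String p : perm.split(",")) { if (StringUtils.isNotEmpty(p.trim())) { permsSet.add(p.trim()); } }`.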
src/main/resources/mybatis/system/SysMenuMapper.xml
@@ -111,6 +111,13 @@
        where m.status = '0' and r.status = '0' and ur.user_id = #{userId}
    </select>
    
    <select id="selectMenuPermsByRoleId" parameterType="Long" resultType="String">
        select distinct m.perms
        from sys_menu m
             left join sys_role_menu rm on m.menu_id = rm.menu_id
        where m.status = '0' and rm.role_id = #{roleId}
    </select>
    <select id="selectMenuById" parameterType="Long" resultMap="SysMenuResult">
        <include refid="selectMenuVo"/>
        where menu_id = #{menuId}